The method of the invention assumes there is a security manager and mechanism present for defining, attaching, and evaluating external authorization policy on file resources based on the file's path name. In this invention, protected symbolic links and the resources those links point to are stored in a protected object database. When a system access attempt occurs, the file attribute is extracted from the file used in the access. That file attribute is then used to search the protected object database. If a matching system resource is found, and that resource is protected but has no independent security policy of its own, then the resource takes on the security policy of the symbolic links that point to it. In this case, the security policy of each protected symbolic link pointing to the system resource must grant access for the access attempt to be allowed. This approach ensures that the most restrictive outcome prevails.
Legal claims defining the scope of protection, as filed with the USPTO.
1. A method for controlling access to a computing system resource, being accessed through a symbolic link file, with an externally stored resource comprising the steps of: determining a system resource named in the symbolic link through which an access attempt is made; searching a protected objects database for entries protecting said system resource and generating a list of said entries; and generating an authorization decision for the access attempt based on security policies that govern all entries in the protected objects database that protect the system resource, the authorization decision being generated by retrieving a current entry from said generated database list; calling an access decision component of the externally stored resource to obtain an access decision for the access attempt based on the security policy that governs the current entry in the generated database list; determining whether the access decision component granted access; if the decision component granted access, determining whether more entries are in this database list; and updating a current entry in said database list when more entries are in the list and returning to said current entry retrieving step.
2. The method as described in claim 1 wherein said control method grants access if said search does not find in the protected objects database, the system resource named in the symbolic link through which the access attempt is made.
3. The method as described in claim 1 further comprising the step of denying the access attempt when the decision component denies access based on the security policy for the current database entry.
4. The method as described in claim 1 further comprising the step of allowing the access attempt if no more entries are in the database list.
5. The method as described in claim 1 wherein said searching step comprises the steps of: retrieving an entry from the protected objects database; comparing the name of the database entry to the name of the system resource that is an object of the access attempt; when there is a match between the database entry and the system resource name that is the object of the access attempt, determining whether the resource is named in a symbolic link that is listed in the protected object database; and generating a list containing the exact found entry, when the entry is not named in a symbolic link listed in the protected object database.
6. The method as described in claim 1 wherein said searching step comprises the steps of: retrieving an entry from the protected objects database; comparing the name of the retrieved database entry to the name of the system resource that is the object of the access attempt; when there is a match between the database entry and the name of the resource that is the object of the access attempt, determining whether the database entry is named in a symbolic link that is listed in the protected object database; adding said entry to a list containing found entries, when the entry is named in a symbolic link listed in the protected object database; determining whether there are more entries in the protected object database; and updating a current database entry in said database when more entries are in the database and returning to said current entry retrieving step.
7. The method as described in claim 1 wherein said searching step comprises the steps of: retrieving an entry from the protected objects database; comparing the name of the retrieved database entry to the name of the system resource that is the object of the access attempt; when there is a match between the database entry and the name of the resource that is the object of the access attempt, determining whether the database entry is named in a symbolic link that is listed in the protected object database; adding said entry to a list containing found entries, when the entry is named in a symbolic link listed in the protected object database; determining whether there are more entries in the protected object database; and returning the list containing found entries, when there are no more entries.
8. The method as described in claim 1 further comprising before said retrieving step the step of generating a protected objects database.
9. The method as described in claim 8 comprising the steps of: retrieving file attributes for a system resource file; determining from said retrieved file attributes whether said resource file is a symbolic link file; when resource file is a symbolic link, retrieving the name and attributes of the system resource named in the symbolic link; and adding the symbolic link and system resource named in the symbolic link to the protected objects database.
10. The method as described in claim 8 comprising the steps of: retrieving file attributes for a system resource file; determining from said retrieved file attributes whether said resource file is a symbolic link file; and terminating said method and processing the system resource file access attempt through other methods.
11. The method as described in claim 9 wherein said adding step comprises the steps of: setting the system resource named in the symbolic link as the child of the symbolic link; setting the symbolic link naming the resources as the parent of said resource; adding the symbolic link as an entry in the protected object database; and adding the named resource as an entry in the protected objects database.
12. A method for controlling access to a computing system device being accessed through symbolic link, said access control being implemented through an externally stored resource and comprising the steps of: monitoring the computing system for activities related to creating and accessing symbolic links that link to system resources; generating an authorization decision governing a symbolic link creation attempt or a symbolic link access attempt based on security policies that govern all entries in the protected objects database that protect the system resource, the authorization decision being generated by retrieving a current entry from said generated database list; calling an access decision component of the externally stored resource to obtain an access decision for the access attempt based on the security policy that governs the current entry in the generated database list; determining whether the access decision component granted access; if the decision component granted access, determining whether more entries are in this database list; and updating a current entry in said database list when more entries are in the list and returning to said current entry retrieving step; restricting the creation of symbolic link files based on the rules defined in the externally stored resource; and restricting accesses to system resources that are linked to and accessed by a symbolic link.
13. A computer program product stored on a computer readable storage medium for controlling access to a computing system resource, being accessed through a symbolic link file, with an externally stored resource comprising: instructions for determining a system resource named in the symbolic link through which the access attempt is made; instructions for searching a protected objects database for entries protecting said system resources and generating a list of said entries; and instructions for generating an authorization decision for the access attempt based on the security policies that govern all entries in the database protecting the system resource, the authorization decision being generated by instructions retrieving a current entry from said generated database list; instructions calling an access decision component of the externally stored resource to obtain an access decision for the access attempt based on the security policy that governs the current entry in the generated database list; instructions determining whether the access decision component granted access; if the decision component granted access, instructions determining whether more entries are in this database list; and instructions updating a current entry in said database list when more entries are in the list and returning to said current entry retrieving step.
14. The computer program product as described in claim 13 further comprising instructions for denying the access attempt when the decision component denies access based on the security policy for the current database entry.
15. The computer program product as described in claim 13 further comprising instructions for allowing the access attempt if no more entries are in the database list.
16. The computer program product as described in claim 13 wherein said searching instructions comprise: instructions for retrieving an entry from the protected objects database; instructions for comparing the name of the database entry to the name of a system resource that is the object of the access attempt; instructions for when there is a match between the database entry and the name of the resource that is the object of the access attempt, determining whether the system resource is named in a symbolic link that is listed in the protected object database; and instructions for generating a list containing the exact found entry, when the entry is not named in a symbolic link listed in the protected object database.
17. The computer program product as described in claim 13 wherein said searching instructions comprise: instructions for retrieving an entry from the protected objects database; instructions for comparing the name of the database entry to the name of a system resource that is the object of the access attempt; when there is a match between the database entry and the name of the resource that is the object of the access attempt, instructions for determining whether the database entry is named in a symbolic link that is listed in the protected object database; instructions for adding said entry to a list containing found entries, when the entry is not named in a symbolic link listed in the protected object database; instructions for determining whether there are more entries in the protected object database; and instructions for updating a current database entry in said database when more entries are in the database and returning to said current entry retrieving step.
18. The computer program product as described in claim 13 wherein said searching instructions comprise: instructions for retrieving an entry from a protected objects database; instructions for comparing the name of the retrieved database entry to the name of a system resource that is the object of the access attempt; when there is a match between the database entry and the name of the resource that is the object of the access attempt, instructions for determining whether the database entry is named in a symbolic link that is listed in the protected object database; instructions for adding said entry to a list containing found entries, when the entry is not named in a symbolic link listed in the protected object database; instructions for determining whether there are more entries in the protected object database; and instructions for returning the list containing found entries.
19. The method as described in claim 18 further comprising before said retrieving instructions the instructions for generating a protected objects database.
20. A method for restricting the creation of a protected symbolic link that names a system resource comprising the steps of: determining a system resource named in a proposed symbolic link; searching a protected objects database for entries protecting said system resource named in the proposed symbolic link; generating a list of file entries that contain the system resource named in a proposed symbolic link; and generating an authorization decision for the access attempt based on security policies that govern all entries in the protected objects database that protect the system resource, the authorization decision being generated by retrieving a current entry from said generated database list; calling a creation decision component of the externally stored resource to obtain a decision for the symbolic link creation attempt based on the security policy that governs the current entry in the generated database list; determining whether the creation decision component allows creation of a symbolic link; if the decision component allowed creation, determining whether more entries are in this database list; updating a current entry in said database list when more entries are in the list and returning to said current entry retrieving step.
21. The method as described in claim 20 wherein said restriction method allows a creation attempt if said search does not find in a protected objects database, the resource named in the proposed symbolic link.
22. The method as described in claim 20 further comprising the step of denying the creation attempt when the decision component denies the creation attempt based on the security policies that govern all entries in the database protecting the system resource.
23. The method as described in claim 20 further comprising the step of allowing the symbolic link creation attempt if no more entries are in the database list.
24. The method as described in claim 20 further comprising before said retrieving step the step of generating a protected objects database.
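The summary and claims 1 through 24 describe one procedure: build a protected object database in which a symbolic link is the parent of the resource it names (claim 11), search it for the entries governing the resource reached through a link (claims 5 to 7), ask the external access decision component about each one and deny on the first refusal (claims 1 to 4), and apply the same check to link creation (claims 20 to 23). The following is an added example written for this page, not code from the patent or any product; the `Policy` callable signature stands in for the unspecified decision component, and the path names are constructed.

```python
from dataclasses import dataclass, field
from typing import Callable, Dict, List, Optional

# Stand-in for the external "access decision component": (subject, operation) -> grant?
# The page does not define its interface, so this signature is an assumption.
Policy = Callable[[str, str], bool]

@dataclass
class Entry:
    name: str
    policy: Optional[Policy] = None     # None: protected, but no independent policy
    target: Optional[str] = None        # set when the entry is a symbolic link (child, claim 11)
    links: List[str] = field(default_factory=list)  # links naming this resource (parents)

class ProtectedObjectDB:
    def __init__(self) -> None:
        self.entries: Dict[str, Entry] = {}

    def add_link(self, link: str, target: str, policy: Policy) -> None:
        """Claim 11: record the link (parent) and the resource it names (child)."""
        self.entries[link] = Entry(link, policy=policy, target=target)
        self.entries.setdefault(target, Entry(target)).links.append(link)

    def set_policy(self, resource: str, policy: Policy) -> None:
        """Attach an independent policy to a resource; it then overrides the links' policies."""
        self.entries.setdefault(resource, Entry(resource)).policy = policy

    def resolve(self, path: str) -> str:
        """Claim 1: the system resource named by the link the access goes through.
        Follows link chains recorded in the database; a cycle stops at the repeated name."""
        seen = set()
        while path in self.entries and self.entries[path].target and path not in seen:
            seen.add(path)
            path = self.entries[path].target
        return path

    def search(self, resource: str) -> List[Entry]:
        """Claims 5-7: the entries whose security policy governs the resource."""
        e = self.entries.get(resource)
        if e is None:
            return []                       # not protected at all
        if e.policy is not None:
            return [e]                      # independent policy: exactly this entry
        return [self.entries[l] for l in e.links]  # otherwise every link that names it

    def authorize(self, path: str, subject: str, op: str) -> bool:
        """Claims 1-4: every governing entry must grant; an unprotected resource is allowed."""
        for entry in self.search(self.resolve(path)):
            if not entry.policy(subject, op):
                return False                # first denial wins (claim 3): most restrictive
        return True                         # nothing found (claim 2) or all granted (claim 4)

    def authorize_link_creation(self, target: str, subject: str) -> bool:
        """Claims 20-23: a new link to a protected resource needs every governing entry's consent."""
        return self.authorize(target, subject, "create-link")
```

Because a resource without its own policy inherits the policies of all links naming it, adding a second, looser link to a protected file cannot widen access; only an explicit independent policy on the file does that.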
April 26, 2001
August 21, 2007